今天需要在测试环境中做一些性能测试,为了不影响原有的数据,准备创建一个临时的schema。但是创建的时候报了如下的错误。
sql> create user mig_perf identified by mig_perf;
create user mig_perf identified by mig_perf
*
error at line 1:
ora-28003: password verification for the specified password failed
ora-20002: password same as or similar to user
第一感觉就是开启了密码的校验,11g里面有一个新特性的关于密码的大小写敏感的,,会不会有关联呢。似乎有些牵强,但是目前是false选项,表示不对大小写敏感。
sql> show parameter sen
name type value
------------------------------------ ----------- ------------------------------
sec_case_sensitive_logon boolean false
如果还有问题,就需要从profie的角度入手了,比如登录密码超过10次,账户就会锁定,这些都是在profile里面配置的。
来看看能得到什么信息。
select *from dba_profiles order by profile;
sql> /
profile resource_name resource limit
------------------------------ -------------------------------- -------- ----------------------------------------
dbamon_pf1 composite_limit kernel unlimited
dbamon_pf1 sessions_per_user kernel 10
dbamon_pf1 cpu_per_session kernel unlimited
dbamon_pf1 cpu_per_call kernel unlimited
dbamon_pf1 logical_reads_per_session kernel unlimited
dbamon_pf1 logical_reads_per_call kernel unlimited
dbamon_pf1 idle_time kernel unlimited
dbamon_pf1 connect_time kernel unlimited
dbamon_pf1 private_sga kernel default
dbamon_pf1 failed_login_attempts password 10
dbamon_pf1 password_life_time password unlimited
dbamon_pf1 password_reuse_time password unlimited
dbamon_pf1 password_reuse_max password unlimited
dbamon_pf1 password_verify_function password verify_function
dbamon_pf1 password_lock_time password .0106
dbamon_pf1 password_grace_time password unlimited
default composite_limit kernel unlimited
default sessions_per_user kernel unlimited
default cpu_per_session kernel unlimited
default cpu_per_call kernel unlimited
default logical_reads_per_session kernel unlimited
default logical_reads_per_call kernel unlimited
default idle_time kernel unlimited
default connect_time kernel unlimited
default private_sga kernel unlimited
default failed_login_attempts password 10
default password_life_time password 180
default password_reuse_time password unlimited
default password_reuse_max password unlimited
default password_verify_function password verify_function_11g
default password_lock_time password 1
default password_grace_time password 7
我创建的新用户,没有指定profile,所以会是默认的default profile,对应的password_verify_function 有一些差别。
看来是对于密码安全的加强,来看看相关的简单测试,看看密码验证还都做了那些校验。
sql> create user mig_perf identified by mig_perf1;
create user mig_perf identified by mig_perf1
*
error at line 1:
ora-28003: password verification for the specified password failed
ora-20005: password same as or similar to user name
sql> create user mig_perf identified by abc;
create user mig_perf identified by abc
*
error at line 1:
ora-28003: password verification for the specified password failed
ora-20001: password length less than 8
sql> create user mig_perf identified by abcabc12;
user created.
sql> drop user mig_perf;
user dropped.
当然了“password verify_function_11g”其实是一个function来实现的。具体的细节可以在$oracle_home/rdbms/admin/utlpwdmg.sql中查看。
> ls -lrt utlpwd*
-rw-r--r-- 1 oraccbs1 dba 11555 aug 13 2006 utlpwdmg.sql
-- this script sets the default password resource parameters
-- this script needs to be run to enable the password features.
-- however the default resource parameters can be changed based
-- on the need.
-- a default password complexity function is also provided.
-- this function makes the minimum complexity checks like
-- the minimum length of the password, password not same as the
-- username, etc. the user may enhance this function according to
-- the need.
-- this function must be created in sys schema.
-- connect sys/ as sysdba before running the script